Add label_name as scalar param of IssuableFinder
This was removed by a previous MR but broke some links
This commit is contained in:
parent
46bdbc5d77
commit
ff627511c0
|
@ -53,6 +53,7 @@ class IssuableFinder
|
||||||
assignee_username
|
assignee_username
|
||||||
author_id
|
author_id
|
||||||
author_username
|
author_username
|
||||||
|
label_name
|
||||||
milestone_title
|
milestone_title
|
||||||
my_reaction_emoji
|
my_reaction_emoji
|
||||||
search
|
search
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
title: Fix filtering of labels from system note link
|
||||||
|
merge_request: 27507
|
||||||
|
author:
|
||||||
|
type: fixed
|
|
@ -108,51 +108,77 @@ describe IssuableCollections do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe '#finder_options' do
|
describe '#finder_options' do
|
||||||
let(:params) do
|
before do
|
||||||
{
|
|
||||||
assignee_id: '1',
|
|
||||||
assignee_username: 'user1',
|
|
||||||
author_id: '2',
|
|
||||||
author_username: 'user2',
|
|
||||||
authorized_only: 'yes',
|
|
||||||
confidential: true,
|
|
||||||
due_date: '2017-01-01',
|
|
||||||
group_id: '3',
|
|
||||||
iids: '4',
|
|
||||||
label_name: ['foo'],
|
|
||||||
milestone_title: 'bar',
|
|
||||||
my_reaction_emoji: 'thumbsup',
|
|
||||||
non_archived: 'true',
|
|
||||||
project_id: '5',
|
|
||||||
scope: 'all',
|
|
||||||
search: 'baz',
|
|
||||||
sort: 'priority',
|
|
||||||
state: 'opened',
|
|
||||||
invalid_param: 'invalid_param'
|
|
||||||
}
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'only allows whitelisted params' do
|
|
||||||
allow(controller).to receive(:cookies).and_return({})
|
allow(controller).to receive(:cookies).and_return({})
|
||||||
allow(controller).to receive(:current_user).and_return(nil)
|
allow(controller).to receive(:current_user).and_return(nil)
|
||||||
|
end
|
||||||
|
|
||||||
finder_options = controller.send(:finder_options)
|
subject { controller.send(:finder_options).to_h }
|
||||||
|
|
||||||
expect(finder_options).to eq(ActionController::Parameters.new({
|
context 'scalar params' do
|
||||||
'assignee_id' => '1',
|
let(:params) do
|
||||||
'assignee_username' => 'user1',
|
{
|
||||||
'author_id' => '2',
|
assignee_id: '1',
|
||||||
'author_username' => 'user2',
|
assignee_username: 'user1',
|
||||||
'confidential' => true,
|
author_id: '2',
|
||||||
'label_name' => ['foo'],
|
author_username: 'user2',
|
||||||
'milestone_title' => 'bar',
|
authorized_only: 'yes',
|
||||||
'my_reaction_emoji' => 'thumbsup',
|
confidential: true,
|
||||||
'due_date' => '2017-01-01',
|
due_date: '2017-01-01',
|
||||||
'scope' => 'all',
|
group_id: '3',
|
||||||
'search' => 'baz',
|
iids: '4',
|
||||||
'sort' => 'priority',
|
label_name: 'foo',
|
||||||
'state' => 'opened'
|
milestone_title: 'bar',
|
||||||
}).permit!)
|
my_reaction_emoji: 'thumbsup',
|
||||||
|
non_archived: 'true',
|
||||||
|
project_id: '5',
|
||||||
|
scope: 'all',
|
||||||
|
search: 'baz',
|
||||||
|
sort: 'priority',
|
||||||
|
state: 'opened',
|
||||||
|
invalid_param: 'invalid_param'
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'only allows whitelisted params' do
|
||||||
|
is_expected.to include({
|
||||||
|
'assignee_id' => '1',
|
||||||
|
'assignee_username' => 'user1',
|
||||||
|
'author_id' => '2',
|
||||||
|
'author_username' => 'user2',
|
||||||
|
'confidential' => true,
|
||||||
|
'label_name' => 'foo',
|
||||||
|
'milestone_title' => 'bar',
|
||||||
|
'my_reaction_emoji' => 'thumbsup',
|
||||||
|
'due_date' => '2017-01-01',
|
||||||
|
'scope' => 'all',
|
||||||
|
'search' => 'baz',
|
||||||
|
'sort' => 'priority',
|
||||||
|
'state' => 'opened'
|
||||||
|
})
|
||||||
|
|
||||||
|
is_expected.not_to include('invalid_param')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'array params' do
|
||||||
|
let(:params) do
|
||||||
|
{
|
||||||
|
assignee_username: %w[user1 user2],
|
||||||
|
label_name: %w[label1 label2],
|
||||||
|
invalid_param: 'invalid_param',
|
||||||
|
invalid_array: ['param']
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'only allows whitelisted params' do
|
||||||
|
is_expected.to include({
|
||||||
|
'label_name' => %w[label1 label2],
|
||||||
|
'assignee_username' => %w[user1 user2]
|
||||||
|
})
|
||||||
|
|
||||||
|
is_expected.not_to include('invalid_param', 'invalid_array')
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue